skills/xindoo/sumeru/review/Gen Agent Trust Hub

review

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or hardcoded credentials were detected. The Python script uses only standard libraries and performs legitimate local file operations focused on counting words and generating novel analysis reports.
  • [PROMPT_INJECTION]: The skill processes untrusted user-provided novel chapters, which is a potential surface for indirect prompt injection. Given the skill's primary purpose of analyzing story text, this surface is expected and poses no elevated risk due to the skill's limited local capabilities.
      • Ingestion points: Novel chapters are read from the ./chapters/ directory by both the Python script and the agent during logical review.
      • Boundary markers: There are no specific delimiters or instructions provided to the agent to distinguish between narrative content and potential instructions hidden in the text.
      • Capability inventory: The skill's permissions are confined to reading text files and writing data to the current directory and the .sumeru/review/ subdirectory.
      • Sanitization: The skill does not perform sanitization or filtering of the novel content to identify or mitigate embedded instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 2, 2026, 03:23 PM